Alexander Conroy

How to Unblock / Bypass SOPA with local HOSTS File: Solutions and Discussion

SOPA proposes to force ISP’s to shut down DNS resolution for infringing sites, which at this point, could be any site due to the vague nature of SOPA verbiage.DNS, or the Domain Name System, is a protocol that turns websites into numbers, like facebook.com into 66.220.149.11. Every time you type in a website address you ask your internet service provider like AT&T or Comcast for a number, that number then provides you the website. It’s like having a name on your home address instead of having to give out the full address. This is called DNS ResolutionA little after the 2012 ball dropped, Gregory Conroyand I were discussing possible solutions should SOPA go into effect, he came up with an idea that was, remarkably simple…Modify your HOSTS file to resolve the the desired IP Address!

You have a choice, you can ask your internet provider(Comcast, AT&T, etc.) for the IP Address of the website you want, or you can ask someone else(a remote list)…or even define it yourself(your own list)!

SOPA does not prevent accessing websites based on IP address however, so some sites will still work by typing in the number. For instance, if you want to go to Facebook you could type: http://66.220.149.11 and it would take you to Facebook. SOPA is not as malicious as the Great Firewall of China because of this lack of IP Blocking, and allows for easy circumvention. Essentially, it would just block websites from non tech savvy people who do not understand what an IP Address is.

What is not commonly known, except among tech/gadget circles, programmers and pirates, is that your local computer can decide what IP Address a domain points to and bypass the ISP’s DNS resolution, this is a huge part of your privacy, there is a reason why I always recommend the privacy filters. We use this in web development to “spoof” a website locally, pointing it to our development servers while we work.

The solution to SOPA is achieved by simply modifying your HOSTS file to point the domains you commonly use and domains that are at risk of or are being blocked, to their proper IP Addresses, bypassing your ISP’s DNS Filter. Basically, you manually set facebook to 66.220.149.11

Please note that while this is easily done, and we expect it to be a common method to circumvent SOPA, it may actually be illegal to do this. There is argument over whether or not using a circumvention tool violates law, whereas it is almost certain that creating a circumvention tool will be a violation of law. 

The sad thing is that this brings the government home, deciding what you can and can’t install or use on your personal computer…its a slippery slope.

Here is an example of a windows HOSTS File and how it would look if you decided to do it (By the way, the HOSTS file is in c:/windows/system32/drivers/etc/ and you must set unset the file from “read only” to modify it.)

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This

file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a ‘#’ symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com #

source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
66.220.149.11 facebook.com
66.220.149.11 www.facebook.com

If SOPA passes, simple scripts can be written for people to automatically modify their HOSTS file and continue accessing sites that have been blocked, heck, you could even write an application that locally manages your hosts file and updates it based on remote parameters…which can be risky
This is EXACTLY what the DNS system was built for and what it does; it is also the goal of DNSSEC: because the remote host would have to be trusted.

to create a trustworthy domain name system(DNS) based internet.

SOPA will cause more problems than it resolves as people look for alternative ways to connect to their favorite websites while those websites sit in the court system pending legal resolution whether they were mistakenly or rightfully blocked. SOPA will destroy the DNS system and cause users to create solutions of their own, or solutions provided by untrusted sources, exposing them to both viruses and unnecessary hardships.

Due to this threat, there are already projects udnerway that are implementing similar solutions…They are getting ready because it seems that there is too much money involved in getting  SOPA to pass. Every major entertainment industry is for it.

One that stands out at the moment is Reddit’s Meshnet Plan which is trying to get up and running by January 31st, 2012 (When SOPA may be passed). Their plan is to:

To create a versatile, decentralized network built on secure protocols for routing traffic over private mesh or public internetworks independent of a central supporting infrastructure.
This would remove the need for trust in one single protocol such as DNS, and make it very difficult for a government or corporate entity to police, as the resolution of IP addresses by domain would be controlled by groups of networks instead of one single source.

[6:03 PM] Bill Grunau: well in that case if SOPA gets past Internet goes from Web 2.0 to Web 0.1
[6:03 PM] Alexander D. Conroy: no
[6:03 PM] Alexander D. Conroy: Web 4.0
[6:03 PM] Alexander D. Conroy: User controlled internet